Open banking: Everything you need to know
Last editedAug 2021 9 min read
What is open banking?
A term used to describe the process of banks and other financial institutions opening up data for regulated providers to access, use and share.
Don’t worry - it’s not as unsafe as that description might make it sound. Banks are effectively putting in place the infrastructure for their customers’ data to be shared more easily with third parties, when the customer chooses to do so.
That last part is important. Open banking isn’t some ploy to allow banks to more easily sell their customers’ data. The intention is quite the opposite - open banking was conceived for the ultimate purpose of improving financial services for customers. And by opening up access to data they’ve historically kept in-house, it allows new companies and new products to come to market, and use this data in helpful, innovative ways.
So what does it all mean?
For financial service providers - At the top of the chain, open banking will allow financial service providers to significantly innovate on their product offerings to businesses.
For businesses (large and small) - Those innovations made by financial service providers will mean more effective and efficient financial tools in your business - notably payments. Which will mean things like more automation, freeing up more time, doing away with the headaches of manual tasks, and ultimately saving you money.
For customers - Open banking will mean better ways to spend, borrow, and invest.
What problems are open banking solving?
There’s no one, specific, major problem open banking is solving. Instead, in the simplest terms, open banking is trying to spark competition and innovation in the financial services sector, to create better products and experiences for businesses and consumers.
Some broad problems that open banking can help solve include:
Poor trust in banks (see image below)
Customers of traditional banks being stuck with outdated products, services, and features (unlike customers of challenger banks such as 86 400, Up and Volt Bank - which have the benefit of launching in a more modern time)
(Above: Financial services is the least trusted industry sector, according to the Edelman Trust Barometer 2020.)
Some opportunities that open banking strives for include:
Helping people to better transact, save, borrow, lend and invest their money
Reduce overdraft fees
Improve customer service
Increase your control of your financial data
What are the benefits of open banking?
✅ Convenience
✅ Cost reduction
✅ Personalisation
✅ Improved decision-making
These are the broad benefits open banking is bringing to the market. Not just for consumers, but also for businesses.
By securely opening up access to your banking data (with your consent), two things happen:
There’s a new swathe of highly-useful financial information about you or your business that can now be used by software products, to your benefit.
Entirely new software products can be created, encouraging new entrants to the market to innovate and compete for your business.
It’s thanks to this openness and competition that you’ll be able to get financial products better-tailored to your specific needs, and are likely to see costs go down.
It’s also inherent that with access to more of your financial data, you’ll see financial products using this to get better and better at helping you make beneficial decisions.
Expect to see things like:
All-in-one overviews - Aggregation of all your financials, spanning bank accounts, credit cards, investments, loans, pension and more, all in one place.
Increased availability - For some, things like good borrowing terms just aren’t available. And others may just be flat-out denied. But with new access to banking data, consumers and businesses who have historically been boxed-out will gain newfound access to certain financial products.
More automation - With banking data becoming open and accessible in a standardised way, expect products to further automate currently-manual tasks, and to see an increase in “robo-advice”.
Improved online payment experiences - Where businesses and their customers will be able to make and take bank-to-bank payments that are faster, more flexible, and rivalling (or even replacing) card payments.
What data does open banking help “open up”?
There are three broad areas open banking is “opening up” - account data, product data, and payment initiation.
Account data
Account data is what you’d expect. Things like:
Account holder’s name
Account type
Currency
Date the account was opened
Transaction info (e.g. amounts, merchants, etc.)
Product data
Product data is around the products and services a financial institution might offer. For example, historically you would have to go into a bank branch to find out what they can offer you as a customer. Now you can give them a call, or better yet browse their website.
But with open banking this info is put into a standard format, which makes it easier for others to show you the best options for you. (Imagine your accounting software automatically telling you when you’re better off switching banks, and showing you exactly which account to go for.)
Payment initiation
Payment initiation is all about making payments from one bank account to another. But instead of having to login to online banking and manually go through the payment process step-by-step, with open banking this process can be initiated by other software, apps, or websites, and sped up - provided the account holder explicitly consents.
How does open banking work?
Technologically-speaking, open banking relies on APIs (application programming interfaces). An API is just a structured way for one program to offer services to another program. Or, put even more simply, it’s just a way of helping software speak to other software.
Think about the data we’ve covered above - account holder’s name, account type, currency, etc.. APIs are effectively the instructions for how a third party accredited provider can access that data from a bank.
(Fun fact: GoCardless has its own API.)
Once these APIs are agreed by everyone involved in the open banking initiative (e.g. the government, regulators, and banks), it’s up to the banks to build and implement them. Once they have, businesses can start accessing them and building new and innovative products using them. The customers of these businesses - which could be consumers, small businesses, or even enterprise companies - would then ultimately benefit, by using these innovative products.
It’s important to note that the APIs set up for the open banking regime are secure and have been designed to handle sensitive personal information.
Open banking use cases
Key examples include:
✅ Better payments solutions for businesses - With the payment initiation side of open banking, businesses could use payment products that improve cash flow, lower costs, increase visibility and control, and reduce fraud.
✅ Better borrowing terms - If you don’t have much credit history, you could be prevented from getting favourable borrowing terms. But with open banking, your historical bank account data can be accessed by lenders to help better demonstrate your creditworthiness.
✅ Better financial management - By accessing your account data, open banking products could analyse all the money coming into and going out of your accounts, helping you better identify problem areas and opportunities (e.g. lower fees, better interest).
✅ Account aggregation - Essentially, being able to see all of your accounts in one place. Instead of having to log in to multiple different accounts in your web browser, or switch between multiple apps on your phone.
Open banking in Australia 🇦🇺
Overview
In Australia, the process of open banking (otherwise known as the Consumer Data Right) is an initiative of the Australian Government. It is regulated by the Australian Competition and Consumer Commission (ACCC) and the Office of the Australian Information Commissioner (OAIC), with standards developed by the CSIRO’s Data Standards Body.
While all these entities are involved in the design and implementation of open banking in Australia, there are four core parties involved in “using” open banking:
Account providers - Such as banks and building societies. Also referred to as ‘data holders’. These are the ‘givers’ of the CDR and refer to the providers who currently store consumer data. Registered data holders allow their customers’ data to be accessed by third parties, when provided with consent to do so. Under the legislation, data holders are required by law to make their customer data available to third parties.
Third party providers - Also referred to as ‘accredited data recipients’. These are the businesses ‘receiving’ the data and doing the innovating, creating products and services which use the newly-accessible customer data held by banks.
Technical service providers (TSPs) - Companies that work with regulated providers to deliver open banking products or services. Essentially, TSPs collaborate with account providers and third party providers to help deliver open banking products and services.
Consumers - Both individuals and businesses. They ultimately benefit from the open banking products and services developed by third party providers.
Examples of open banking in Australia
Some examples of open banking features on the market right now include:
There are many more open banking innovations in development.
Timeline of open banking in Australia
2017 - The Government announces it will introduce an open banking regime in Australia and commissions an independent review to gather recommendations for its implementation.
May 2018 - The Government agrees to the recommendations as outlined in the open banking review, which includes a framework for the CDR and the application of the concept to the Financial Services sector.
July 2019 - Phase 1 commences requiring The Big Four banks to make data available for all deposit and transaction accounts and all credit and debit card accounts.
August 2019 - The CDR legislation is released
October 2020 - ACCC publishes the rules that guide the CDR
February 2020 - The Big Four banks are mandated to share data for home loan, personal loan and mortgage offset accounts.
May 2020 - Applications to become accredited data recipients open and the accreditation process begins.
July 2020: Open banking regime commences with a pilot involving The Big Four banks. They are mandated to share product reference data on all products plus account and transaction data for all deposit, transaction, credit card and debit card accounts. Meanwhile, other banks begin to provide access to product reference data on deposit, transaction, credit and debit card accounts.
February 2021: All other banks outside of The Big Four begin sharing data on home loan, personal loan and Mortgage offset account.
July 2021: Deadline for all other banks to be open banking ready.
February 2022: Full scope of open banking regime released for consumers.
Frequently asked questions
🗣 Which banks use open banking?
In addition to The Big Four – Commonwealth, Westpac, ANZ and NAB – smaller banks or authorised deposit-taking institutions (ADIs) in Australia must opt in to the open banking regime, with some limited exceptions such as foreign ADIs.
🗣 How safe is open banking in Australia?
Like all good financial technologies, open banking is designed to be very secure. It’s implemented by banks, so is subject to their rigorous security measures.
Additionally, the Australian framework is held to the high standards developed by CSIRO’s Data Standards Body, which includes guidelines around information security controls, consent and API standards.
The consumer is always in charge of who is granted access to their data, and this access can always be revoked if they wish.
And if fraudulent payments are made, your bank or building society will pay your money back under appropriate circumstances.
In addition, open banking products and services are regulated by the ACCC and OAIC and consumers are also protected by Australian Privacy laws and Australian Financial Complaints Authority (AFCA).
🗣 Is PSD2 the same as the Consumer Data Right?
PSD2 is not the same as open banking as we know it in Australia, but the two are closely related.
PSD2 is an EU regulation intended to increase competition and innovation in the financial space. It removes the monopoly banks have on the use of customer data, allowing other businesses to use that data as well, with the customer’s permission.
Open banking or the CDR is the secure way for providers access to your financial information, in Australia. It was modelled off the PSD2, but they are not the same thing. PSD2 requires banks open up access to customer data (and remember: it’s only shared with your consent), but the Consumer Data Right specifies a standard format for the process.
🗣 "Can I use the open banking APIs?"
Yes. Getting started using the CDR APIs depends on whether you’re a:
Third party provider (accredited data recipient)
Account provider (data holders)
Technical service provider (TSP)
For third party providers, becoming an accredited data recipient involves a process managed by the ACCC:
Review the accreditation checklist and other documentation - Understand what it is you need to have, read up on your legal obligations and make sure you have, at least, the minimum IT requirements necessary to be approved.
Apply for an account to access the CDR Participant Portal - An office holder of the organisation applying for accreditation must create an account for the organisation and verify their identity. This can be done via the CDR website.
Apply and submit your application - Login to the CDR Participant Portal and complete the relevant application form for your business.
Once approved by the ACCC, you must pass the onboarding process - This includes the successful completion of a Conformance Test Suite and providing the technical details of your organisation’s production environment and readiness.
Go live - Once your regulatory status is confirmed by the ACCC, and your enrolment is complete, you’ll be accredited and ready to participate in Australia’s open banking regime. You can start connecting with account providers to test your service. And when you’re ready, you can launch your service with customers.
For data holders, the Consumer Data Right is mandatory and as part of their responsibility they must provide an online service that can be used by consumers and accredited data providers to make consumer data requests and product requests.
For technical service providers, becoming part of the Consumer Data Right Ecosystem takes 4 steps:
Deciding your service - Before you begin, you need to know who you’ll be serving, and what you’ll be offering. This could be infrastructure, or a particular type of product or service.
Partner with open banking providers - Once you’ve honed in on your niche, the entire banking industry is your oyster. Kick off by reaching out to relevant ADIs to connect and make them aware of what you’re offering. Keep your finger on the pulse of industry news around open banking to see which companies have joined the list of accredited data recipients and reach out to them too. Finally be aware of the wider rollout of the CDR to other sectors and be ready to provide industry-agnostic products and services, when the time eventually comes.
GoCardless and open banking
In 2020, we completed a $95million funding round to accelerate our investment in open banking.
While we’ve built the world’s first global network for recurring payments from the ground up using bank debit (such as BECS Direct Debit in Australia), we’ve never seen ourselves as “just” a bank debit company.
We’ve been tracking the development and launch of open banking initiatives around the world from the beginning. And we’ve been getting directly involved. For example, we collected the first ever live Variable Recurring Payments with Open Banking in the UK back in 2019 and we intend to lead the way in ANZ.
We’ve learned loads from the implementation of open banking in the UK and the EU, where open banking technology has matured. It’s time for us to bring our expertise in open banking to the world of recurring payments for Australian businesses.
Expect to see some changes to our product over time, such as:
Speeding up cash flow for the first payment in a recurring relationship (cutting 1-5+ days off the wait to get paid for the first time)
Improving payment visibility and helping eliminate card fees by with instant payment confirmation for one-off payments
Reducing payment fraud through rapid verification of bank account details And more to come